Category: cybersecurity

Key Takeaways For An Enforceable Terms of Use Agreement

In light of the recent Nevada federal district court decision In re Zappos.com, Inc., ‎Customer Data Security Breach Litigation, companies should review and update their ‎implementation of browsewrap agreements to ensure users are bound to its terms. MDL No. ‎‎2357, 2012 WL 4466660 (D.Nev. Sept. 27, 2012).

A browsewrap agreement refers to the online Terms of Use agreement that binds a web ‎user merely by his continued browsing of the site, even when he is not aware of it. Any ‎somewhat experienced web user is no stranger to the Terms of Use link that leads to the ‎browsewrap agreement. Yet, the users tend to ignore the link’s existence, and rarely think of it ‎as a “contract” with any practical effects. In Zappos, the court questioned the browsewrap ‎agreement’s validity particularly because of this tendency among web users. The court ruled the ‎arbitration clause in Zappos’ browsewrap Terms of Use was unenforceable because the users did ‎not agree to it and Zappos had the right to modify the terms at any time. ‎

Background of the Case

Founded in 1999, Zappos.com is a subsidiary of Amazon.com and one of the nation’s ‎biggest online retailers for footwear and apparel. Currently headquartered in Henderson, ‎Nevada, the company has more than 24 million customer accounts. In mid-January 2012, its ‎computer system experienced a security breach in which hackers attempted to access the ‎company’s customer accounts and personal information.

After Zappos notified its customers about the incident, customers from across the country ‎filed lawsuits against Zappos, seeking relief for damages arising from the breach. The cases were ‎transferred to and consolidated in Nevada. Zappos then sought to enforce the arbitration clause ‎contained in its Terms of Use, which would stay the litigation in federal court and compel the ‎case for arbitration. The court denied Zappos’ motion on two grounds: there was no valid ‎agreement to arbitrate due to the lack of assent by the plaintiffs and the contract was ‎unenforceable because it reserved to Zappos the right to modify the terms at any time and ‎without notice to its users.

Lessons Learned from the Browsewrap

Mutual Assent Must Be Clear 

Arbitration provisions are a matter of contract law, and the traditional elements of a ‎contract must be met even though Zappos’ Terms of Use was presented in electronic, ‎browsewrap form on the website. An essential element of contract formation is mutual assent by ‎the parties to the contract, which the court found was missing in this case as there was no ‎evidence of the plaintiffs’ assent.

The court compared the browsewrap agreement with another popular form of online terms ‎of use agreement, the “clickwrap” agreement. Clickwrap agreements require users to take ‎affirmative actions, such as clicking on an “I Accept” button, to expressly manifest their assent to ‎the terms and conditions.‎

Since Zappos’ browsewrap agreement did not require its users to take similar affirmative ‎action to show their assent to the terms and conditions, there was no direct evidence showing ‎that the plaintiffs consented to or even had actual knowledge of the agreement, including the ‎arbitration clause.‎

Link It Front and Center 

Furthermore, the court found Zappos’ Terms of Use hyperlink was inconspicuous and ‎thus did not provide reasonable notice to its users. The link was a) “buried” in the middle or ‎bottom of each page and became visible when a user scrolls down, b) appeared “in the same size, ‎font, and color as most other non-significant links,” and c) the website did not “direct a user to ‎the Terms of Use when creating an account, logging in to an existing account, or making a ‎purchase.” The court concluded that under ordinary circumstances, users would have no reason ‎to click on the link.‎

Unilateral Right to Modify or Terminate Won’t Work

Another problem with Zappos’ browsewrap agreement was that it was illusory and thus ‎unenforceable. In the agreement, the company “retain[ed] the unilateral, unrestricted right to ‎terminate the arbitration agreement” and had “no obligation to receive consent from, or even ‎notify, the other parties to the contract.” Users would unsuspectingly agree to the changes by ‎continuing to use the site. Under this provision, Zappos could seek to enforce the arbitration ‎clause, as it did here, or not enforce it by modifying the clause without notice to its users when it ‎was no longer in its interest to arbitrate. In either circumstance, the users would still be bound to ‎the agreement.

Implications for Companies

As a result of this decision, companies should carefully reassess the display and content ‎of the online terms of use they adopt to ensure their enforceability. In a narrow sense, the ‎decision means an arbitration clause in a browsewrap agreement similar to Zappos’ may be ‎deemed unenforceable. More broadly, this decision threatens the validity and enforceability of ‎other terms and conditions contained in a browsewrap agreement, which may deprive the ‎company of the agreement’s protection and favorable terms. ‎

Clickwrap agreements seem to provide the solution to Zappos’ problem. The court ‎suggested a clickwrap agreement could obtain a user’s assent to the terms and conditions. A ‎company may implement the clickwrap agreement through account registration or purchase ‎check-out, tailored to the nature of the company’s business and user interaction. The system may ‎require a user to click “I Accept” to secure the user’s assent to be bound by the agreement before ‎he can proceed further on the website. ‎

On the other hand, the court did not conclude that browsewrap agreements are never ‎enforceable. Other courts have held that browsewrap agreements are generally enforceable. ‎Enforceability largely depends on how the company presents the link and terms to the users such ‎that the users would have reasonable notice of the information. Accordingly, a browsewrap ‎agreement may be enforceable if the hyperlink is conspicuously located and displayed. ‎

In addition, companies should communicate and secure a user’s assent to any ‎modification when the user has previously accepted the terms and conditions. The user may ‎consent through another clickwrap agreement showing the modified terms. With a browsewrap ‎agreement, notice of the changes should, at the minimum, be conspicuously displayed on the ‎webpage. ‎

What This Means 

The Zappos decision reflects a change in the public policy on web activities, and users ‎who do not affirmatively agree to the online Terms of Use may no longer be bound. Consumers ‎are increasingly turning to the web for goods and services. In reaction, courts are beginning to ‎look closer into the transactions and resulting issues that occur online. In this process, courts are ‎testing and requiring new standards for these Terms of Use agreements. Companies should be ‎aware of the court’s evolving attitude towards the different types of agreements. You are ‎encouraged to seek legal guidance to properly adapt your implementation of Terms of Use ‎agreements. Failure to update your Terms of Use agreements may leave you exposed to ‎unfavorable terms that the Terms of Use is designed to prevent.‎